Digital Risks in Emerging Economies: Cyber Threat Escalation in Indonesia (2020–2023)
DOI:
https://doi.org/10.61978/data.v2i3.697Keywords:
Cybersecurity, Indonesia, Digital Transformation, Cyber Threats, Policy Response, SME Vulnerability, Investment StrategyAbstract
Indonesia's rapid digital transformation over the past decade has brought with it a surge in cyber threats, posing significant risks to national security, economic resilience, and public trust. This study investigates the escalation of cyber incidents between 2020 and 2023, analyzing their trends, regulatory responses, and systemic vulnerabilities. Utilizing secondary data from national agencies and international platforms, the research employs both quantitative and qualitative methods to assess incident volumes and policy effectiveness. The results reveal a sharp rise in cyber incidents, from 88 million in 2020 to over 1.65 billion in 2021, driven largely by phishing, ransomware, and malware campaigns. Although regulatory frameworks such as BSSN Regulation No. 8/2020 and Presidential Regulations 82/2022 and 47/2023 represent important steps, enforcement remains weak, and sectoral coordination is limited. Investment in cybersecurity is critically low, averaging only 0.02% of GDP, while SMEs remain particularly vulnerable due to limited resources and awareness. Discussion of these findings highlights systemic barriers such as institutional fragmentation, insufficient technical capacity, and underdeveloped cybersecurity culture. The study emphasizes the importance of inter-agency collaboration, adaptive regulatory frameworks, and increased investment to build national resilience. Comparative insights from global best practices suggest that integrating stakeholder feedback and promoting continuous learning can significantly enhance threat response and governance outcomes. In conclusion, Indonesia's cybersecurity landscape requires urgent strategic realignment. A well-funded, coordinated, and flexible national cybersecurity framework is essential to protect the nation's digital infrastructure and foster sustainable digital development
References
Beaman, C., Barkworth, A., Akande, T., Hakak, S., & Khan, M. (2021). Ransomware: recent advances, analysis, challenges and future research directions. Computers & Security, 111, 102490. https://doi.org/10.1016/j.cose.2021.102490 DOI: https://doi.org/10.1016/j.cose.2021.102490
Carías, J., Borges, M., Labaka, L., Arrizabalaga, S., & Hernantes, J. (2020). Systematic approach to cyber resilience operationalization in SMEs. IEEE Access, 8, 174200–174221. https://doi.org/10.1109/access.2020.3026063 DOI: https://doi.org/10.1109/ACCESS.2020.3026063
Çifci, H. (2022). Comparison of national-level cybersecurity and cyber power indices: a conceptual framework. https://doi.org/10.21203/rs.3.rs-2159915/v1 DOI: https://doi.org/10.21203/rs.3.rs-2159915/v1
Chigada, J., & Madzinga, R. (2021). Cyberattacks and threats during COVID-19: a systematic literature review. SA Journal of Information Management, 23(1). https://doi.org/10.4102/sajim.v23i1.1277 DOI: https://doi.org/10.4102/sajim.v23i1.1277
Chimezie, O., Akagha, O., Dawodu, S., Anyanwu, A., Onwusinkwue, S., & Ahmad, I. (2024). Comprehensive review on cybersecurity: modern threats and advanced defense strategies. Computer Science & IT Research Journal, 5(2), 293–310. https://doi.org/10.51594/csitrj.v5i2.758 DOI: https://doi.org/10.51594/csitrj.v5i2.758
Cross, C., & Holt, T. (2021). Responding to cybercrime: results of a comparison between community members and police personnel. https://doi.org/10.52922/ti78207 DOI: https://doi.org/10.52922/ti78207
Dedeke, A., & Masterson, K. (2019). Contrasting cybersecurity implementation frameworks (CIF) from three countries. Information and Computer Security, 27(3), 373–392. https://doi.org/10.1108/ics-10-2018-0122 DOI: https://doi.org/10.1108/ICS-10-2018-0122
Drew, J. (2020). A study of cybercrime victimisation and prevention: exploring the use of online crime prevention behaviours and strategies. Journal of Criminological Research Policy and Practice, 6(1), 17–33. https://doi.org/10.1108/jcrpp-12-2019-0070 DOI: https://doi.org/10.1108/JCRPP-12-2019-0070
Drew, J., & Farrell, L. (2018). Online victimization risk and self-protective strategies: developing police-led cyber fraud prevention programs. Police Practice and Research, 19(6), 537–549. https://doi.org/10.1080/15614263.2018.1507890 DOI: https://doi.org/10.1080/15614263.2018.1507890
Familoni, B., & Shoetan, P. (2024). Cybersecurity in the financial sector: a comparative analysis of the USA and Nigeria. Computer Science & IT Research Journal, 5(4), 850–877. https://doi.org/10.51594/csitrj.v5i4.1046 DOI: https://doi.org/10.51594/csitrj.v5i4.1046
Fissel, E., & Lee, J. (2023). The cybercrime illusion: examining the impact of cybercrime misbeliefs on perceptions of cybercrime seriousness. Journal of Criminology, 56(2–3), 150–169. https://doi.org/10.1177/26338076231174639 DOI: https://doi.org/10.1177/26338076231174639
García-Pérez, A., Sallos, M., & Tiwasing, P. (2021). Dimensions of cybersecurity performance and crisis response in critical infrastructure organisations: an intellectual capital perspective. Journal of Intellectual Capital, 24(2), 465–486. https://doi.org/10.1108/jic-06-2021-0166 DOI: https://doi.org/10.1108/JIC-06-2021-0166
Gordon, L., Loeb, M., Lucyshyn, W., & Zhou, L. (2018). Empirical evidence on the determinants of cybersecurity investments in private sector firms. Journal of Information Security, 9(2), 133–153. https://doi.org/10.4236/jis.2018.92010 DOI: https://doi.org/10.4236/jis.2018.92010
Hadlington, L., & Chivers, S. (2018). Segmentation analysis of susceptibility to cybercrime: exploring individual differences in information security awareness and personality factors. Policing: A Journal of Policy and Practice, 14(2), 479–492. https://doi.org/10.1093/police/pay027 DOI: https://doi.org/10.1093/police/pay027
Holt, T., & Lee, J. (2019). Policing cybercrime through law enforcement and industry mechanisms., 644–662. https://doi.org/10.1093/oxfordhb/9780198812746.013.34 DOI: https://doi.org/10.1093/oxfordhb/9780198812746.013.34
Irwandy, I., Mangilep, A., Anggraeni, R., Noor, N., Niartiningsih, A., & Latifah, N. (2024). Cybersecurity culture among healthcare workers in Indonesia: knowledge gaps, demographic influences, and strategic policy solutions. https://doi.org/10.21203/rs.3.rs-5421169/v1 DOI: https://doi.org/10.21203/rs.3.rs-5421169/v1
Ispahany, J., Islam, R., Islam, M., & Khan, M. (2024). Ransomware detection using machine learning: a review, research limitations and future directions. IEEE Access, 12, 68785–68813. https://doi.org/10.1109/access.2024.3397921 DOI: https://doi.org/10.1109/ACCESS.2024.3397921
Jaman, U., Lubis, A., & Suhartono, S. (2023). Legal challenges in the development of information and communication technology SMEs in Jabodetabek region, Indonesia. West Science Law and Human Rights, 1(04), 149–156. https://doi.org/10.58812/wslhr.v1i04.321 DOI: https://doi.org/10.58812/wslhr.v1i04.321
Kamal, A., Yen, C., Ping, M., & Zahra, F. (2020). Cybersecurity issues and challenges during COVID-19 pandemic. https://doi.org/10.20944/preprints202009.0249.v1 DOI: https://doi.org/10.20944/preprints202009.0249.v1
Kaur, M., & Saini, M. (2022). Indian government initiatives on cyberbullying: a case study on cyberbullying in Indian higher education institutions. Education and Information Technologies, 28(1), 581–615. https://doi.org/10.1007/s10639-022-11168-4 DOI: https://doi.org/10.1007/s10639-022-11168-4
Khan, S., Saleh, T., Dorasamy, M., Khan, N., Leng, O., & Vergara, R. (2022). A systematic literature review on cybercrime legislation. F1000Research, 11, 971. https://doi.org/10.12688/f1000research.123098.1 DOI: https://doi.org/10.12688/f1000research.123098.1
Krishna, B., & M.P., S. (2021). Examining the relationship between e-government development, nation’s cyber-security commitment, business usage and economic prosperity: a cross-country analysis. Information and Computer Security, 29(5), 737–760. https://doi.org/10.1108/ics-12-2020-0205 DOI: https://doi.org/10.1108/ICS-12-2020-0205
Lee, J., Holt, T., Burruss, G., & Bossler, A. (2019). Examining English and Welsh detectives’ views of online crime. International Criminal Justice Review, 31(1), 20–39. https://doi.org/10.1177/1057567719846224 DOI: https://doi.org/10.1177/1057567719846224
Malik, M., & Islam, U. (2019). Cybercrime: an emerging threat to the banking sector of Pakistan. Journal of Financial Crime, 26(1), 50–60. https://doi.org/10.1108/jfc-11-2017-0118 DOI: https://doi.org/10.1108/JFC-11-2017-0118
Manzoor, J., Waleed, A., Jamali, A., & Masood, A. (2024). Cybersecurity on a budget: evaluating security and performance of open-source SIEM solutions for SMEs. PLOS ONE, 19(3), e0301183. https://doi.org/10.1371/journal.pone.0301183 DOI: https://doi.org/10.1371/journal.pone.0301183
Maphosa, V. (2024). An overview of cybersecurity in Zimbabwe’s financial services sector. F1000Research, 12, 1251. https://doi.org/10.12688/f1000research.132823.2 DOI: https://doi.org/10.12688/f1000research.132823.2
Mupila, F., Gupta, H., & Bhardwaj, A. (2023). An empirical study on cyber crimes and cybersecurity awareness. https://doi.org/10.21203/rs.3.rs-3037289/v1 DOI: https://doi.org/10.21203/rs.3.rs-3037289/v1
Naidoo, R. (2020). A multi-level influence model of COVID-19 themed cybercrime. European Journal of Information Systems, 29(3), 306–321. https://doi.org/10.1080/0960085x.2020.1771222 DOI: https://doi.org/10.1080/0960085X.2020.1771222
Neuhaus, S., & Plattner, B. (2013). Software security economics: theory, in practice., 75–92. https://doi.org/10.1007/978-3-642-39498-0_4 DOI: https://doi.org/10.1007/978-3-642-39498-0_4
Neyole, J., Okwiri, S., & Mapema, N. (2024). Exploring the impact of cybersecurity threats on small and medium enterprises' performance: a case study of Kajiado County, Kenya. https://doi.org/10.20944/preprints202411.0237.v1 DOI: https://doi.org/10.20944/preprints202411.0237.v1
Neri, M., Niccolini, F., & Martino, L. (2023). Organizational cybersecurity readiness in the ICT sector: a quanti-qualitative assessment. Information and Computer Security, 32(1), 38–52. https://doi.org/10.1108/ics-05-2023-0084 DOI: https://doi.org/10.1108/ICS-05-2023-0084
Neri, M., Niccolini, F., & Pugliese, R. (2022). Assessing SMEs’ cybersecurity organizational readiness: findings from an Italian survey. Online Journal of Applied Knowledge Management, 10(2), 1–22. https://doi.org/10.36965/ojakm.2022.10(2)1-22 DOI: https://doi.org/10.36965/OJAKM.2022.10(2)1-22
Ngo, F., Piquero, A., LaPrade, J., & Duong, B. (2020). Victimization in cyberspace: is it how long we spend online, what we do online, or what we post online? Criminal Justice Review, 45(4), 430–451. https://doi.org/10.1177/0734016820934175 DOI: https://doi.org/10.1177/0734016820934175
Odimarha, A., Ayodeji, S., & Abaku, E. (2024). Securing the digital supply chain: cybersecurity best practices for logistics and shipping companies. World Journal of Advanced Science and Technology, 5(1), 026–030. https://doi.org/10.53346/wjast.2024.5.1.0030 DOI: https://doi.org/10.53346/wjast.2024.5.1.0030
Ofoegbu, K., Osundare, O., Ike, C., Fakeyede, O., & Ige, A. (2024). Proactive cyber threat mitigation: integrating data-driven insights with user-centric security protocols. Computer Science & IT Research Journal, 5(8), 2083–2106. https://doi.org/10.51594/csitrj.v5i8.1493 DOI: https://doi.org/10.51594/csitrj.v5i8.1493
Ogunjimi, O., Afoloeunsho, A., & Olukomoro, O. (2018). Elicitation of SME requirements for cybersecurity solutions through adherence to recommendations. Advances in Multidisciplinary & Scientific Research Journal Publication, 6(2), 29–34. https://doi.org/10.22624/aims/maths/v6n2p4 DOI: https://doi.org/10.22624/AIMS/MATHS/V6N2P4
Özkan, B., & Spruit, M. (2020). Cybersecurity standardisation for SMEs., 1252–1278. https://doi.org/10.4018/978-1-7998-7705-9.ch056 DOI: https://doi.org/10.4018/978-1-7998-7705-9.ch056
Pekarčík, M., Šafár, L., Rutecka, P., & Morawiec, P. (2024). Unveiling the impact of ownership structure on SMEs’ cybersecurity perceptions. https://doi.org/10.21203/rs.3.rs-4526358/v1 DOI: https://doi.org/10.21203/rs.3.rs-4526358/v1
Pike, A., Adams, W., Huggins, R., Mazerolle, S., & Casa, D. (2019). Analysis of states' barriers to and progress toward implementation of health and safety policies for secondary school athletics. Journal of Athletic Training, 54(4), 361–373. https://doi.org/10.4085/1062-6050-28-18 DOI: https://doi.org/10.4085/1062-6050-28-18
